The U.S. Department of Justice arrested a security engineer on wire fraud charges, alleging he stole $9 million worth of crypto from an unnamed decentralized cryptocurrency exchange.
Arcadia Finance hacker used reentrancy exploit, team demands return of funds
In a post-mortem report, Arcadia Finance developers said an attacker stole funds by liquidating a vault before it could perform a health check, interrupting the app’s normal flow of operations.
Someone Flash Loaned $200M From MakerDAO to Make $3 Profit
An arbitrage bot flash loaned $200 million worth of the dai stablecoin from MakerDAO on Wednesday, making a $3.24 profit after transaction fees.
Bug in Aave V2 Polygon causes some assets to become stuck in contracts
The bug only affects the Polygon implementation, and V3 is unaffected
Authorities in France Arrest Duo Involved in Platypus Exploit
Flash loan exploit drained protocol of over $9 million in assets and knocked Platypus USD (USP) off its peg.
USP Stablecoin Loses Dollar Peg as DeFi Protocol Platypus Suffers $8.5M Attack
The flash loan attack caused Platypus Finance’s native stablecoin to fall to 48 cents from $1. The potential loss is $8.5 million, according to blockchain security firm CertiK.
Cream Finance Loses $25 Million To A Flash Loan Attack
PeckShield reported through a tweet of the new hack on Cream Finance. The blockchain security company said a flash loan attack on the decentralized finance lending and borrowing protocol.
#FlashLoanAlert https://t.co/JPW7e368qd
— PeckShield Inc. (@peckshield) August 30, 2021
PeckShield explained that the hacking came through a 500 Ethereum flash loan from the attacker. This was used to infiltrate a reentrancy bug in the smart contract of the Flex Network. Usually, flash loans being undercollateralized can be borrowed and repaid within a single transaction.
Related Reading | Cryptocurrency Firms In Switzerland To Offer Tokenized Products On Tezos
As a DeFi protocol for lending, Cream Finance allows users to earn interest from their deposited assets. Though Cream Finance is a fork of the Compound protocol, its operation is quite different from Compound or Aave. The platform has several more markets for some esoteric digital assets.
1/4 @CreamFinance was exploited in (one hack tx: https://t.co/JPW7e368qd), leading to the gain of ~$18.8M for the hacker.
— PeckShield Inc. (@peckshield) August 30, 2021
This attack on Cream Finance was exploitation involving 1,308 Ethereum and over 418 million AMP, the native token of Flexa Network. According to PechShield, the Ethereum records reveal that over $6 million were hacked at 5:44 UTC.
Cream Finance Becomes Another DeFi Protocol Hacked In 2021
Furthermore, the Cream Finance team members confirmed the authenticity of the hacking reporting. Then, reporting on Discord Channel, the project’s official channel, the members started working with PeckShield.
The team revealed that the hacking was on the CREAM v1 market on the Ethereum Blockchain. Furthermore, they mentioned that it’s through the reentrancy of the contract on the AMP token.
At the time of writing, AMP’s value has dipped by 15% within few hours to $0.05. Also, the value of Cream Finance’s native token, CREAM, plummeted by about 6%.
However, ETH is at $3, 190.46 showing a slight dipping within the last 24 hours. The total amount of the Crean Finance hacking is more than $25 million. The address of the hackers shows that they presently have about $18.8 million.
Amidst the hack, Cream Finance is down by 6% | Source: CREAMUSD on TradingView.com
The Cream Finance team has put a stop to any further loss. The team said that it now has a pause on AMP’s supply and borrow. It further acknowledged that the hack doesn’t affect any other market. Eason Wu, the protocol’s production Manger, disclosed this information on Discord.
Recall that earlier in the year; Cream Finance had a huge hack. The attack led to the loss of $37.5 million worth of digital assets. According to the report, the earlier hacking had a root cause from the exploitation of Alpha Finance.
Related Reading | Reports Show 45% Surge In Stock And Cryptocurrency Sign-Ups Across Rural Areas In India
Flash loans have remained one of the controversial features of decentralized finance. This’s because there’s no collateral needed for the loans, and hence, they are susceptible to hacks. This accounts for the recent attacks and hacks of flash loans.
A similar incident is a hack on the Bilaxy crypto exchange on August 28. The exchange had a huge hot wallet hack that compromised about 295 ERC-20 tokens. Also, a hack on Liquid on August 19 resulted in a loss of about $100 million.
Featured image from Pixabay, chart from TradingView.com
DeFi Exploits Can’t Be Pinned on Flash Loans, Industry Leaders Say
DeFi’s novel flash loan products aren’t to blame for the recent string of exploits, industry leaders say.
Origin Protocol Loses $3.25M in Latest Flash Loan Attack: Reports
The attacker utilized a flash loan to alter the prices of assets on Origin Dollar, according to Ether Scan.
Value DeFi Suffers $6M Flash Loan Attack
The latest flash loan attack in the decentralized finance world has caused a total loss of $6 million.
Maker DAO Members Voting on a Safeguard Against BProtocol Flash Loan-Type Attack
The Maker DAO community is voting on a proposal to harden the protocol’s governance structure against flash loan voting.
Harvest Finance Boosts Bounty to $1M for Information Leading to Return of Exploited Funds
Harvest Finance is offering $1 million for information leading to the return of funds from Monday’s $24 million exploit.
‘Flash Loans’ Have Made Their Way to Manipulating Protocol Elections
BProtocol used a flash loan to speed up election results on MakerDAO. The DeFi platform is now weighing changes to its voting process.
Harvest Finance: $24M Attack Triggers $570M ‘Bank Run’ in Latest DeFi Exploit
Harvest Finance has seen its total value locked drop by more than $500 million in the 12 hours since being hit by a flash loan attack.
Blockchain Bites: EY’s Auditing Slip and Bitcoin’s Long Line of Pseudonymous Developers
Balancer fell victim to a “flash loan” exploit while a shareholders association said EY should have caught Wirecard’s multi-billion blackhole earlier.
Uniswap V2 Launches With More Token-Swap Pairs, Oracle Service, Flash Loans
The headline feature of the new Uniswap will be the ability for anyone to create any pool pair they want, so long as it exists on Ethereum.
The DeFi ‘Flash Loan’ Attack That Changed Everything
Flash loan attacks are here to stay and are likely to get more serious. DeFi needs to adapt, says a leading crypto VC.
DeFi Insurance Firm Nexus Mutual Makes Its First Payout Following bZx Attacks
Nexus Mutual members voted to pay out two claims following the bZx flash loan attacks – a first for the DeFi insurance pioneer.
Chainlink’s Sergey Nazarov on What DeFi Can Learn From Early Exchange Hacks
A breakdown of the role of price oracles in the recent DeFi attacks, plus what DeFi can learn from early exchange hacks.
The Flash Loan Attacks Explained (For Everybody)
Today we’re breaking down the flash loan attacks that rocked the DeFi community in a way even your grandpa can understand, presented in both audio and full-text format.